The FTP daemon must be configured for logging or verbose mode.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-845 | GEN004980 | SV-845r2_rule | ECAR-1 ECAR-3 ECAR-2 | Low |
| Description |
|---|
| Verbose FTP logging allows the examination of events involving FTP account activity, including login/logout events and file transfers. Without this configuration, logs necessary for troubleshooting or analyzing security incidents will be incomplete. |
| STIG | Date |
|---|---|
| SOLARIS 9 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2015-10-01 |
Details
| Check Text ( C-710r3_chk ) |
|---|
| Examine the FTP daemon service configuration. # grep ftpd /etc/inetd.conf, Check the line for ftpd and determine if the -l or -v options are present. If not, this is a finding. |
| Fix Text (F-999r2_fix) |
|---|
| Edit the FTP daemon configuration in /etc/inetd.conf and add the "-l" or "-v" options (as appropriate) to enable verbose logging. |